General
-
Target
f5ed29c215462bc79bd3e5120b4d054f.elf
-
Size
128KB
-
Sample
221203-259geadh23
-
MD5
f5ed29c215462bc79bd3e5120b4d054f
-
SHA1
836e2b94031a749dec2ddbf601818b8bbd15901b
-
SHA256
326f6d4ff26111bb824668b98c44f38dd92a1631b0330da26f017f57a0c09124
-
SHA512
a99e883195a2ce82162da2e252dce8f70cde47cb981756b26e2599bab4beb8d8bf7ac216c565f778675b341e0c2634402745a4d09ce8eb092d60f897a08b9bd5
-
SSDEEP
3072:NMHPp2Y34jM82KSHfFBgmKVbwemS9j6RM/9KmywPoIlq:NMHPp2djIKSHfFB3K+PS98M/9KmywPo1
Behavioral task
behavioral1
Sample
f5ed29c215462bc79bd3e5120b4d054f.elf
Resource
debian9-armhf-en-20211208
Malware Config
Extracted
mirai
CONDI
Targets
-
-
Target
f5ed29c215462bc79bd3e5120b4d054f.elf
-
Size
128KB
-
MD5
f5ed29c215462bc79bd3e5120b4d054f
-
SHA1
836e2b94031a749dec2ddbf601818b8bbd15901b
-
SHA256
326f6d4ff26111bb824668b98c44f38dd92a1631b0330da26f017f57a0c09124
-
SHA512
a99e883195a2ce82162da2e252dce8f70cde47cb981756b26e2599bab4beb8d8bf7ac216c565f778675b341e0c2634402745a4d09ce8eb092d60f897a08b9bd5
-
SSDEEP
3072:NMHPp2Y34jM82KSHfFBgmKVbwemS9j6RM/9KmywPoIlq:NMHPp2djIKSHfFB3K+PS98M/9KmywPo1
Score9/10-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-